I spent the better part of an hour trying to forward a port in Linux using iptables; here’s what you should do and what you should remember not to do.

This technique should work on any distro that has iptables, such as Ubuntu, Debian, Fedora, Red Hat, RHEL, Gentoo, etc. Here it is:

As a first step, enter the following rules in your iptables:

sudo iptables -A PREROUTING -t nat -p tcp --dport 443 -j DNAT --to 192.168.100.140:443
sudo iptables -A FORWARD -p tcp -m state --state NEW --dport 443 -j ACCEPT
sudo iptables -t nat -A POSTROUTING -j MASQUERADE -o eth0

This should accept connections on port 443 and forward them to host 192.168.100.140 on port 443. However, this won’t work unless IP forwarding is enabled in the kernel. To check, run:

sudo sysctl net.ipv4.ip_forward

If it’s 0, you need to enable it:

sudo sysctl -w net.ipv4.ip_forward=1

Don’t forget to write the same setting in your /etc/sysctl.conf file so that it survives a reboot:

sudo nano /etc/sysctl.conf

And that’s it, you should be good to go!
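
An added example, not part of the original post: a small shell check that the three rules above are present in `iptables-save` output and that the forwarding setting is really persisted in a sysctl file rather than left commented out. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. DEST and PORT are the values
# used in the rules on this page; function names are hypothetical.
DEST=192.168.100.140
PORT=443

# stdin: contents of a sysctl file. Prints the persisted value of
# net.ipv4.ip_forward (last uncommented assignment wins), or "unset".
persisted_ip_forward() {
    awk -F= '
        /^[ \t]*[#;]/ { next }    # a commented-out setting does not count
        { key = $1; gsub(/[ \t]/, "", key) }
        key == "net.ipv4.ip_forward" { val = $2; gsub(/[ \t]/, "", val); found = 1 }
        END { print (found ? val : "unset") }'
}

# stdin: iptables-save output. Prints one line per rule that is absent.
missing_rules() {
    awk -v dest="$DEST" -v port="$PORT" '
        substr($0, 1, 1) == "*" { table = substr($0, 2) }   # "*nat", "*filter"
        { line = $0 " "; dport = index(line, "--dport " port " ") }
        table == "nat" && /^-A PREROUTING / && / -j DNAT / && dport &&
            index(line, "--to-destination " dest ":" port " ") { dnat = 1 }
        table == "filter" && /^-A FORWARD / && / -j ACCEPT/ && dport { fwd = 1 }
        table == "nat" && /^-A POSTROUTING / && / -j MASQUERADE/ { masq = 1 }
        END {
            if (!dnat) print "missing: DNAT to " dest ":" port
            if (!fwd)  print "missing: FORWARD ACCEPT for dport " port
            if (!masq) print "missing: MASQUERADE"
        }'
}

# Constructed sample input: the ruleset after the three commands above, and
# a sysctl.conf in which the forwarding line is still commented out.
sample_rules() { cat <<'EOF'
*nat
-A PREROUTING -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.100.140:443
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
-A FORWARD -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
COMMIT
EOF
}
sample_sysctl() { printf '%s\n' '# enable packet forwarding' '#net.ipv4.ip_forward=1'; }

echo "persisted ip_forward: $(sample_sysctl | persisted_ip_forward)"
sample_rules | missing_rules
```

On a live host, pipe `sudo iptables-save` into `missing_rules` and redirect `/etc/sysctl.conf` into `persisted_ip_forward` instead of using the samples.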